KAIST

Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor

Nodes

Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07

2007. 11.22

Kim Taesung

A Secure Group Key Management Scheme for Wireless Cellular Network

Contents

Introduction

Problem Definition, Assumptions and Attacker Model

Protocol for Key Deployment

Security Analysis

Implementation

Radio Measurement

User Study

MIB for Multiple Nodes

Discussion

Comparison Related Work

Conclusion

22/20/20

A Secure Group Key Management Scheme for Wireless Cellular Network

Introduction

Deploying cryptographic key in a secure manner to sensor node is a prerequisite for secure sensor network.

Secure key establishment rely on a pre-existing shared secret.

TinySec, SPINS, ZigBee security.

ZigBee security provides two suggestions

Cryptographic keys could be sent in the clear.

Factory could imprint keys on sensor nodes.

Message-In-a-Bottle(MIB)

Secure mechanism for initial key setup

Four properties

No physical interfaces

Secure key deployment, wirelessly

Key deployment by non-expert

Batch deployment for multiple nodes

33/20/20

Problem Definition

How can a shared secret be set up between a trusted base station and each new uninitialized node?

Solution provides properties.

Key secrecy

Key authenticity

Forward secrecy

Demonstrative identification

Robust to user error

Cost effective

No public key cryptography

title 44/20/20

Protocol for Key Deployment

MIB Participants

Base Station

The base station is not directly involved with key deployment.

New Node

Three states: uninitialized, initialized, and rejected

Keying Device

The keying device sends keying information to the new node when the Faraday cage is closed.

Keying Beacon

Three purposes: 1) detect when the Faraday cage is closed; 2) jam the communication channel; 3)inform the user of outcome of the deployment.

User

The user of MIB is the person who performs key deployment

title 55/20/20

Overview of MIB Protocol

Each mote has three color LEDs: Red, Green, and Blue.

You will be working with three types of motes: Controller, Numbered Mote, Secret Keeper.

Step 1.Verify that all three LEDs (red, green, and blue) on the Controller and the Secret

Keeper are

blinking simultaneously.

Gently place the Numbered mote in the container.

Step 2.Screw the cap on the container snugly.

When no radio signals can escape the container, the Controller’s blue LED will be lit.

Step 3.Wait until the Controller begins to blink its blue LED. This should take about 5

seconds.

Step 4.Open the container and remove the Numbered mote. Record the result on the

Results page.

• If the Controller’s green LED is lit, encryption keys were successfully exchanged.

• If the Controller’s red LED is lit, the key exchange process was not successful.

• It does not matter what color (if any) the Numbered mote is lit.

title 66/20/20

Overview of MIB Protocol

Why is a Faraday cage insufficient?

In practice, Faraday cage is imperfect; it can not block radio signals completely.

Usability issues.

Protecting shielded messages

Faraday cage.

Messages are transmitted at minimum power.

Keying beacon jams the wireless frequency.

No spread spectrum.

The secret key is a function of all the shielded messages.

title 77/20/20

Detailed Description

title 88/20/20

Notation

title 99/20/20

Setup Keying Device and Keying Beacon

title 1010/20/20

Heartbeat Messages

title 1111/20/20

Deploy Cryptographic Keys

title 1212/20/20

Key Activation and Verification

title 1313/20/20

After Key Deployment

Initialized node M

Node identifies itself with ID M, counter c and keying device’s ID D.

Base station can generate KM

Base station possesses the master secret.

title 1414/20/20

Security Analysis

Obtain Key KM through eavesdropping

Inject a malicious key onto the new node

Compromise the network by compromising the keying device

Initiate key deployment before the Faraday cage

Prevent the keying beacon from jamming during key deployment

Wait for the user to make an error

title 1515/20/20

Implementation

title 1616/20/20

User study

title 1717/20/20

MIB for Multiple Nodes

title 1818/20/20

Comparison with Related Work

1919/20/20title

A Secure Group Key Management Scheme for Wireless Cellular Network

Time for

Any questions?

Thank you for listening !

2020/20/20